| author | hukl <contact@smyck.org> | 2009-10-07 21:03:28 +0200 |
|---|---|---|
| committer | hukl <contact@smyck.org> | 2009-10-07 21:03:28 +0200 |
| commit | 9dadc61cae2c4c01a97880e89ca86a0e760fc8d1 (patch) | |
| tree | 4c50bccc0339429d669a04e5dc3f2e735dfcb515 /app/controllers/users_controller.rb | |
| parent | a57fb0c2084885c35b7ba89917c37696e5df3b3f (diff) | |
Implemented a complete RESTful user management interface, including functional tests. This enables basic user operations. Note that only admins are allowed to create, edit, or destroy other users.
Diffstat (limited to 'app/controllers/users_controller.rb')
| -rw-r--r-- | app/controllers/users_controller.rb | 30 |
1 files changed, 29 insertions, 1 deletions
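--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -3,29 +3,57 @@ class UsersController < ApplicationController
 # Private
 
 before_filter :login_required
+before_filter :verify_admin_status, :except => [:index, :show]
 
 layout 'admin'
 
 def index
-@users = User.all
+@users = User.all(:order => "login ASC")
 end
 
 def new
+@user = User.new( params[:user] )
 end
 
 def create
+@user = User.new params[:user]
+
+if @user.save
+redirect_to user_path(@user)
+else
+render :new
+end
 end
 
 def edit
+@user = User.find(params[:id])
 end
 
 def update
+@user = User.find(params[:id])
+
+if @user.update_attributes(params[:user])
+redirect_to user_path(@user)
+else
+render :edit
+end
 end
 
 def show
+@user = User.find(params[:id])
 end
 
 def destroy
+user = User.find(params[:id])
+user.destroy if user
+redirect_to users_path
 end
 
+private
+def verify_admin_status
+unless current_user.admin
+flash[:notice] = "Sorry, you need to be an admin for this action"
+redirect_to users_path
+end
+end
 end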
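Review bot: `create` and `update` hand the whole `params[:user]` hash to `User.new` and `update_attributes`, so every attribute the model leaves mass-assignable can be set straight from the request, including the `admin` flag that `verify_admin_status` relies on. The filter limits who reaches these actions, but the User model is not visible here, so it is worth confirming that it declares an allow-list with `attr_accessible` and that `admin` is only ever changed by an explicit assignment in the controller. Separately, in `destroy` the `if user` guard can never be false, because `User.find` raises `ActiveRecord::RecordNotFound` for an unknown id. Nothing stops an admin from deleting their own account either; a guard such as `return redirect_to(users_path) if user == current_user` before `user.destroy` would cover that.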
